I will explain to you today how to block any ip address if exceeded our limitations, this is would be useful to prevent small ddos attack from affecting your server performance .
Assume you already having csf installed and running :
1) Connect to your server shell and do the following command :
2) Search for "CT_LIMIT" and set its value to 150 or as you see its good for your environment but keep in mind if you set it too low not suitable to your work you will see too many false positives .
3) Overwrite file and close then do the following command to restart csf to apply our new configuration :